@article{4737,
  author = {Ezendu Ariwa},
  title = {Cybersecurity Financial Risk Modeling and Predictive Analytics Using Statistical Correlation, Regression, and Monte Carlo Simulation},
  journal = {Journal of Information Organization},
  year = {2026},
  volume = {16},
  number = {2},
  doi = {https://doi.org/10.6025/jio/2026/16/2/59-78},
  url = {https://www.dline.info/jio/fulltext/v16n2/jiov16n2_2.pdf},
  abstract = {Cybersecurity incidents have emerged as a major source of financial disruption for organizations across
industries. The increasing frequency and sophistication of cyberattacks necessitate quantitative approaches
to evaluate operational exposure, financial volatility, and systemic cyber risk. This study presents a
comprehensive analytical framework for cyber-financial risk assessment using a structured cybersecurity
incident dataset containing 1,902 observations. The research integrates correlation analysis, predictive
regression modeling, and Monte Carlo simulation to evaluate relationships among operational variables,
predict financial damage, and estimate tail-risk exposure under uncertain cyberattack conditions. Pearson,
Spearman, and Kendall Tau correlations were applied to identify linear and non-linear associations among
incident response metrics, recovery costs, downtime duration, and reputational impact indicators. Multiple
regression techniques, including Linear Regression, Ridge Regression, Random Forest Regressor, and
Gradient Boosting Regressor, were employed to predict financial damage and identify the most influential
predictors of cyber-financial loss. Furthermore, a stochastic compound risk framework and Monte Carlo
simulation were implemented to estimate expected annual loss, Value at Risk (VaR), and Conditional Value
at Risk (CVaR). The findings reveal substantial heavy-tailed financial exposure, significant predictive
importance of reputational impact severity, and catastrophic loss scenarios that conventional averagebased
risk metrics fail to capture. The study contributes a practical and scalable quantitative framework for
cyber risk management, cyber insurance planning, and strategic financial resilience.},
}